Mastering Cross-Border M&A in India’s IT Industry Under Indian Law

India’s Information Technology (IT) sector, valued at over $250 billion in 2024, stands as a global leader, driving international M&A and attracting both inbound and outbound IT acquisitions. Indian firms like TCS and Infosys acquire foreign SaaS and AI companies, while global giants target India’s tech talent and market. Navigating these complex transactions requires a deep understanding of Indian law to mitigate legal risks and ensure regulatory compliance. This article provides senior leaders, legal heads, and decision-makers in India’s IT industry with a roadmap to execute successful international M&A, addressing regulations, challenges, solutions, and a practical case study.

Regulatory Landscape Governing IT Acquisitions Under Indian Law

Indian law establishes a robust framework for international M&A, balancing investor-friendly policies with stringent oversight. Key regulations include:

• Companies Act, 2013: This governs M&A processes, requiring board approvals, shareholder consents, and National Company Law Tribunal (NCLT) sanctions. Section 234 specifically allows cross-border mergers with notified jurisdictions, ensuring compliance with Indian law.
• Foreign Exchange Management Act (FEMA): FEMA, enforced by the Reserve Bank of India (RBI), regulates cross-border investments. Its Overseas Direct Investment (ODI) rules cap outbound investments, while inbound investments adhere to pricing and reporting guidelines.
• Foreign Direct Investment (FDI) Policy: The FDI policy permits 100% investment in IT under the automatic route, but e-commerce and SaaS platforms with marketplace models may require government approval.
• SEBI Regulations: For listed IT firms, SEBI’s Takeover Code and Listing Obligations and Disclosure Requirements (LODR) mandate disclosures, pricing norms, and open offer triggers during acquisitions.
• Competition Commission of India (CCI): The CCI reviews deals exceeding asset or turnover thresholds to prevent anti-competitive practices, critical for large IT acquisitions.
• Data Protection Laws: The Digital Personal Data Protection (DPDP) Act, 2023, imposes strict data handling, consent, and localisation requirements, particularly for SaaS firms.

Compliance with these regulations under Indian law is essential to avoid penalties and delays in international M&A.

1. Common Challenges in International IT Acquisitions

IT acquisitions face significant hurdles under Indian law, complicating deal execution and integration:

• Regulatory Compliance: Navigating FEMA, RBI, SEBI, and CCI requirements is complex. FEMA’s pricing guidelines and RBI approvals can delay cross-border payments.
• Due Diligence Complexities: Verifying IP ownership, contracts, and tax liabilities across jurisdictions risks uncovering hidden liabilities that impact deal valuation.
• Data Privacy Risks: The DPDP Act requires robust consent mechanisms and data localisation, increasing legal risks for non-compliant IT firms.
• IP Transfer and Licensing: Transferring software patents or licenses demands compliance with Indian law and international treaties, ensuring clear title and valid assignments.
• Labor Law Considerations: Post-merger integration triggers obligations under the Industrial Disputes Act, requiring employee consultations for transfers or layoffs.
• Anti-Trust Clearances: CCI scrutiny can delay deals, especially for IT firms dominating cloud or SaaS markets.
• Dispute Resolution: Multi-jurisdiction contracts risk conflicts over applicable law, necessitating clear arbitration mechanisms.

These challenges underscore the need for strategic planning to align with Indian law.

2. Strategic Solutions for Navigating Indian Law in IT Acquisitions

To address these challenges, IT leaders can adopt the following best practices under Indian law:

• Engage Expert M&A Counsel: Retain legal advisors who specialise in Indian law and cross-border deals. They help navigate FEMA, SEBI, and CCI regulations.
• Structure Compliant Deals: Align investments with FEMA caps and FDI automatic routes. Use joint ventures or equity structures to speed up approvals.
• Leverage Tax-Efficient Structures: Consider reverse mergers, share swaps, or holding companies. These can help optimise tax liabilities under India’s tax treaties and Indian law.
• Draft Robust Agreements: Develop clear Share Purchase Agreements (SPAs) and Non-Disclosure Agreements (NDAs). Include warranties, indemnities, and IP clauses to reduce legal risks.
• Address IP and Transfer Pricing: Ensure IP assignments follow Indian IP laws and OECD guidelines. This avoids future tax disputes.
• Plan Post-Acquisition Integration: Align HR policies with Indian law. Address ESOP transitions, labor compliance, and retention to ensure smooth integration.
• Incorporate Arbitration Clauses: Include international arbitration clauses (e.g., Singapore International Arbitration Centre) in contracts, specifying Indian law for India-related disputes.

These strategies streamline IT acquisitions and ensure regulatory compliance.

Case Example: Indian IT Firm Acquiring a US SaaS Company

Consider TechInnovate, an Indian IT firm, acquiring CloudSync Inc., a US-based SaaS company, for $200 million. Indian law shaped the transaction as follows:

• Transaction Structure: TechInnovate structured the deal as a share purchase, complying with FEMA’s ODI limits and RBI pricing guidelines. The consideration included cash and TechInnovate shares, leveraging India’s tax treaties for efficiency.
• IP Transfer: CloudSync’s SaaS platform, patents, and algorithms were assigned to TechInnovate’s Indian subsidiary. The licenses were registered under Indian law (Patents Act, 1970). Due diligence confirmed there were no third-party IP encumbrances.
• Data Compliance: TechInnovate conducted privacy due diligence to align CloudSync’s practices with the DPDP Act. They implemented data localisation and consent mechanisms for Indian clients.
• Regulatory Approvals: The deal needed RBI approval for outbound remittances. It also required CCI clearance because of TechInnovate’s SaaS market share. These approvals delayed the closing by two months.
• Dispute Resolution: The SPA included an arbitration clause under Singapore International Arbitration Centre rules, with Indian law governing India-related obligations.

This case demonstrates how Indian law influences deal structuring, compliance, and risk mitigation in IT acquisitions.

Conclusion: The Critical Role of Indian Law in IT M&A Success

International M&A offers immense opportunities for India’s IT industry, but success depends on mastering Indian law. From Companies Act and FEMA compliance to data protection and IP transfers, proactive adherence minimises legal risks and ensures seamless execution. By engaging expert counsel, structuring tax-efficient deals, and planning integration, IT leaders can unlock the full potential of IT acquisitions. Respecting Indian law is not just a regulatory necessity it’s a strategic imperative for thriving in the global tech landscape.

About LawCrust

LawCrust Global Consulting Ltd. delivers cutting-edge Hybrid Consulting Solutions in Management, Finance, Technology, and Legal Consulting to ambitious businesses worldwide. Recognised for our cross-functional expertise and hybrid consulting approach, we empower startups, SMEs, and enterprises to scale efficiently, innovate boldly, and navigate complexity with confidence. Our services span key areas such as Investment Banking, Fundraising, Mergers & Acquisitions, Private Placement, and Debt Restructuring & Transformation, positioning us as a strategic partner for growth and resilience. With an integrated consulting model, fixed-cost engagements, and a virtual delivery framework, we make business transformation accessible, agile, and impactful.

For expert legal help, please contact us:

• Email: inquiry@lawcrustbusiness.com